Request a Demo Contact Us
Bugcrowd Acquires Informer to Enhance Offerings Across Attack Surface Management and Penetration Testing
Learn More
Press release

Bugcrowd Elevates Standards of Security in Crowdsourced Security Market

SOC 2 Type 1 and ISO 27001 Certifications demonstrate that Bugcrowd’s Crowdcontrol™ Platform upholds the highest standards of security

SAN FRANCISCO – May 30, 2018 – Bugcrowd, the leader in crowdsourced security, announced today the company has achieved Soc 2 Type 1 compliance. Building on its ISO 270001 certification earlier in the year, the company is now the first in the industry with multiple audited controls, upholding the most rigorous standards of security for customers and researchers.

Based on reporting principles developed by the American Institute of Certified Public Accountants (AICPA), Type 1 SOC 2 Compliance provides a framework for organizations to document, obtain independent validation of and publish their information security policies and procedures. To achieve SOC 2 Type 1, Bugcrowd’s infrastructure and data control policies passed a rigorous test to ensure they adhered to the AICPA’s SOC 2 guidelines for security, system availability, as well as data confidentiality.

“Security and privacy are more important today than ever before,” said David Baker, CSO, Bugcrowd. “At Bugcrowd we’ve taken these things seriously since day one and our proven track record of exceeding industry standards for security and privacy speak for themselves. Today, we’re proud to be recognized as the first and only vendor in the space to have achieved both of these rigorous standards of security excellence.”

SOC 2 is the officially recognized auditing standard for service organizations demonstrating adequate controls and processes. To learn more about security at Bugcrowd visit:

Today, Bugcrowd also announced the appointment of Mark Milani as Global Head of Engineering.

Additional Resources:

About Bugcrowd

Bugcrowd is trusted by more of the Fortune 500 than any other crowdsourced security platform. Why? Because people need the increased security of a bug bounty without all the extra work and chaos. Bugcrowd cracked the code on crowdsourced security through rock-solid program management, top trusted researchers and a versatile platform. That’s how our vulnerability disclosure and bug bounty programs find seven times as many critical vulnerabilities as traditional testing. Based in San Francisco, Bugcrowd is backed by Blackbird Ventures, Costanoa Ventures, Industry Ventures, Paladin Capital Group, Rally Ventures, Salesforce Ventures and Triangle Peak Partners. Bugcrowd. Outhack Them AllTM. Learn more at